// routes/authRoutes.js
const express = require('express');
const router = express.Router();
const authController = require('../controllers/authController');
const { check, oneOf } = require('express-validator');
const { requireActive } = require('../middlewares/authMiddleware.js');

/**
 * POST /api/login
 * @summary 登录
 * @description {
  "email": "admin@qq.com",
  "password": "123456"
}
 * @tags auth
 * @param {object} request.body.required - 请求体参数
 * @param {string} request.body.email - 邮箱
 * @param {string} request.body.password - 密码
 * @return {object} 200 - success
 * @example response - 200 - 登录成功示例
 * {
 *   "code": 200,
 *   "message": "登录成功",
 *   "token": "your-jwt-token-here"
 * }
 */
router.post('/login', oneOf([
  // 条件1: 管理员登录 (通过 isAdmin 字段判断)
  [
    check('email').equals('admin'),
    check('password').notEmpty().withMessage('密码不能为空')
  ],
  // 条件2: 普通用户登录
  [
    check('email').isEmail().withMessage('无效邮箱格式'),
    check('password').notEmpty().withMessage('密码不能为空')
  ]
], '请提供有效的管理员标识或邮箱'),requireActive, authController.login);


router.post('/addAdminUser', authController.addAdminUser);
/**
 * GET /api/getUserInfo
 * @security BearerAuth
 * @header {string} Authorization - Bearer Token认证信息，格式为: Bearer {token}
 * @summary 获取用户信息
 * @tags auth
 * @return {object} 200 - success
 */
router.get('/getUserInfo', authController.getUserInfo)


module.exports = router;
